4 of 4 ISO 27001 Lead Auditor Jobs in Central London

Audit and Compliance Department: Information Security Certification About Us We are a UKAS-accredited certification body delivering independent audit and certification services across multiple management system standards, including ISO 9001, ISO 14001, and ISO 27001. Our goal is to help organisations demonstrate compliance, strengthen governance, and continuously improve. Were seeking a … to join our expanding audit team. Youll lead and conduct Information Security Management System (ISMS) audits in line with ISO / IEC 27001:2022 , ISO 17021 , and UKAS requirements. Key Responsibilities Plan, conduct, and report Stage 1, Stage 2, surveillance, and recertification audits for ISO 27001. Assess client ISMS implementations for conformity and effectiveness against ISO / IEC 27001:2022. Lead audits independently or as part of a multi-standard team (e.g. ISO 9001, ISO 22301, ISO 27701). Produce clear, objective audit More ❯

fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German More ❯

fully remote UK-based role, you will conduct IT security audits and assessments for clients across the United Kingdom and the European region, ensuring compliance with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, and other relevant frameworks. This position offers the opportunity to become a PCI QSA (training and certification sponsored by … ControlCase) while working in an international, collaborative, and growth-focused environment. Responsibilities • Lead client audits and compliance assessments across multiple frameworks. • Review and analyze systems, applications, databases, and network devices. • Assess cloud environments including AWS, Azure, and GCP. • Define audit scope, identify risks, and recommend improvements. • Provide compliance consulting to help clients meet regulatory requirements. • Produce final … Bachelor’s degree in information security or related field. • Deep knowledge of IT security controls, access management, logging, vulnerability assessment, and secure system configuration. • Experience with PCI DSS, ISO 27001 / 2, GDPR, NIS2, DORA, or similar compliance frameworks. • Strong understanding of cloud environments and network architectures. • Excellent English communication skills; fluency in German More ❯

establishing structure, collaborating with technical and business teams, and supporting security and compliance initiatives within the organization. The position requires development and maintenance of security policies aligned with ISO 27001, GDPR, HIPAA, and OWASP, as well as leading risk assessments and managing the risk register. Key skills and responsibilities, Comprehensive knowledge of ISO 27001, NIST CSF, GDPR, HIPAA, SOC 2, and OWASP frameworks. Senior Security Analyst / Senior Security Engineer background Proven experience collaborating with software development teams and implementing technical controls. Skilled in articulating technical risks in terms of business impact. Professional certifications such as CISM, CISSP, CRISC, ISO 27001 … Lead Auditor, and hands-on experience with GRC tools (e.g., Vanta, Drata) are highly desirable. Responsible for developing and maintaining security policies in alignment with ISO 27001, GDPR, HIPAA, and OWASP standards. Lead risk assessments and oversee the management of the organization's risk register. More ❯